CN109274683A - A kind of combined crosswise Verification System and its authentication method - Google Patents
A kind of combined crosswise Verification System and its authentication method Download PDFInfo
- Publication number
- CN109274683A CN109274683A CN201811278716.2A CN201811278716A CN109274683A CN 109274683 A CN109274683 A CN 109274683A CN 201811278716 A CN201811278716 A CN 201811278716A CN 109274683 A CN109274683 A CN 109274683A
- Authority
- CN
- China
- Prior art keywords
- user
- information
- authentication
- perception
- combined crosswise
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0861—Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Collating Specific Patterns (AREA)
Abstract
The present invention relates to a kind of combined crosswise Verification System and its authentication methods, including user basic information management module, for managing the every identity information and biological information of user;User Activity management module, for managing the Activities information of user, including user behavior attribute information and user behavior habits information;User authentication information sensing module, for obtaining every authentication information of user;User's intelligent authentication module is analyzed by composite factor for obtaining user information and user's current state, provides dual factor anthentication decision mechanism, the certification of user identity is realized using combined crosswise certification decision;Statistical analysis module, for monitoring and the authentication scenario of counting user, and by statistic analysis result feedback into user's intelligent authentication module.The present invention carries out combined identity certification using a variety of identification authentication modes, overcomes the problems, such as the unreliability or inconvenience of single capacity authentication method authentication result in some applications, meets diversified service application need.
Description
Technical field
The present invention relates to technical field of security authentication, and in particular to a kind of combined crosswise Verification System and its authentication method.
Background technique
With mobile Internet high speed development and hand-held terminal device such as smart phone, tablet computer it is universal, mutually
Security issues become increasingly urgent for networking.Currently, the hardware digital certificate or E-token dynamic password card of either bank, all only accomplish pair
The management of trusted terminal can not verify user identity.
In recent years, with the raising of public's account safety sex consciousness, the prior art is real frequently with single creature feature technology
Now to the authentication of account, but recognition performance of the single creature feature technology under complex environment is not fine, and
Single creature feature verification is used alone in the higher occasion of security requirement, and there are certain risks.For example, using face technology
Realize the certification to identity, but since the shape of face is very unstable, people can change by face generates various expressions;This
Outside, different observation angle and illumination condition, the visual pattern of face also differ larger.
In addition, single method can not facilitate reply in diversified application needs, and for complicated authentication system
System, it is different that different business generally requires best, most convenient the identification authentication mode used.For example, register system for
The requirement of reliability wants low compared with payment system, and the requirement of convenience and pocket wants high compared with payment system.
Summary of the invention
The purpose of the present invention is to provide a kind of combined crosswise Verification System and its authentication methods, using a variety of authentications
Mode carries out combined identity certification, overcomes the single capacity authentication method unreliability of authentication result or not square in some applications
Just property problem meets diversified service application need.
To achieve the above object, the invention adopts the following technical scheme:
A kind of combined crosswise Verification System, comprising: user basic information management module, for managing every identity information of user
And biological information;User Activity management module, for managing the Activities information of user, including user behavior attribute letter
Breath and user behavior habits information;User authentication information sensing module, for obtaining every authentication information of user, including biology
The perception of characteristic information, the perception of non-biometric information, the perception of time, the perception of location information and user activity information
Perception;User's intelligent authentication module is analyzed by composite factor, is provided more for obtaining user information and user's current state
Factor authentication decision mechanism realizes the certification of user identity using combined crosswise certification decision;Statistical analysis module, for monitoring
With the authentication scenario of counting user, and by statistic analysis result feedback into user's intelligent authentication module, to dynamically adjust
Decision mechanism is authenticated, security risk is reduced.
In above scheme, the identity information includes name, gender, identification card number, affiliated unit, contact method;It is described
Biological information includes face, fingerprint etc. and non-biometric information, includes password/password, smart card.
In above scheme, the family behavior property information, connection IP, terminal seat point, terminal including user are used
Period, using resource type, the user behavior habits information include curve of sliding, finger apply pressure.
In above scheme, the perception of the biological information include the perception of face information, the perception of finger print information and
The perception of voice messaging;The perception of the non-biometric information includes the perception of password/password and certificate information;The time
Perception provided by local or network automatic synchronization;The perception of the position is obtained by Beidou/GPS, wireless network positioning, IP positioning
It takes;The perception of the action message is provided by gyroscope, touch screen, motion sensor, biometric sensor.
In above scheme, the dual factor anthentication decision mechanism is according to safety certification grade needed for resource type configuration
And user's current state, security risk assessment is carried out to current state, and assessment result feedback is configured to safety certification grade
In, not only meet resource type but also can be with the reliable convenient authentication mode of dynamic sensing current risk to provide.
In above scheme, the combined crosswise certification decision is used to believe the biological characteristic and non-biometric of each classification
Breath is identified, is providing multiple recognition results respectively after overmatching, all recognition results obtained are merged, with
Fusion results out carry out decision to fusion results, and provide the authentication result of active user according to the result of decision.
A kind of 7 combined crosswise authentication methods, comprise the following sequential steps:
(1) the every identity information and biological information for obtaining management user, complete the typing and management of userspersonal information;
(2) obtain every authentication information of user, the perception of perception, non-biometric information including biological information, when
Between perception, the perception of location information and the perception of user activity information;
(3) intelligent authentication algorithm is utilized, is analyzed by composite factor, dual factor anthentication decision mechanism is provided, using combined crosswise
It authenticates decision and realizes user identity authentication;
(4) for statistical analysis to user authentication information, and analysis result is fed back into user, it realizes to user authentication information
Closed loop management.
As shown from the above technical solution, the present invention above-mentioned combined crosswise Verification System and its authentication method, using fusion
It is conscientious that biological identification and the combined crosswise authentication mode of abiotic authentication techniques carry out, and is wanted according to the frequency of business and safety
It asks, when a certain identity card mode can not accurately complete authentication very much, carries out joint body using a variety of identification authentication modes
Part certification, overcomes the problems, such as the unreliability or inconvenience of single capacity authentication method authentication result in some applications, meets
Diversified service application needs.
Detailed description of the invention
Fig. 1 is system diagram of the invention;
Fig. 2 is flow chart of the method for the present invention.
Specific embodiment
The present invention will be further described with reference to the accompanying drawing:
As shown in Figure 1, the combined crosswise Verification System of the present embodiment, comprising:
User basic information management module, for managing the every identity information and biological information of user, the identity information
Including name, gender, identification card number, affiliated unit, contact method etc., which includes face, fingerprint etc. and non-
Biological information includes password/password, smart card etc..
User Activity management module includes for managing the Activities information of user, including user behavior attribute information
The connection IP of user, terminal seat point, terminal use time, resource type etc., user behavior habits information are used, comprising:
The pressure etc. that curve of sliding, finger apply.
User authentication information sensing module, for obtaining every authentication information of user, the sense including biological information
Know, the perception of non-biometric information, time and perception, the perception of user activity information of location information etc..
The perception of the biological information includes the perception of face information, the perception of finger print information, the perception of voice messaging
Deng can be provided by photographic device, fingerprint sensor, microphone/microphone etc.;The perception of non-biometric information includes password/close
The perception of the information such as code, certificate can be provided by keyboard, touch screen, keypad, card reader etc.;The perception of time can by local or
Network automatic synchronization provides;The perception of position can be realized by technologies such as Beidou/GPS, wireless network positioning, IP positioning;Activity letter
The perception of breath can be provided by gyroscope, touch screen, motion sensor, biometric sensor etc..
User's intelligent authentication module is analyzed using intelligent authentication algorithm by composite factor, and dual factor anthentication judgement is provided
Mechanism realizes that the best of user identity, most convenient authenticate using combined crosswise certification decision.The intelligent authentication algorithm is from user
User information is obtained in essential information, user activity information module, while being obtained user from user authentication information sensing module and being worked as
Preceding state authenticates user identity and carries out security risk assessment.
The present invention can precisely be identified for complex environment using respective algorithms, under the conditions of complex illumination
Facial image information, carry out pitching angular transformation and/or rotate left and right angular transformation and illumination compensation etc. pretreatment, provide rotation
Gyration and clarity optimal one facial picture.User can be divided into leader, administrator, common employee, visitor, suspicious
Personnel.
The dual factor anthentication may include any number of biological characteristic and non-biometric information, for example, can be defined as
" face+certificate ", " face+password/password ", " face+fingerprint+certificate " etc..
Dual factor anthentication decision mechanism is to obtain above-mentioned resource information from user basic information, user activity information module
And user information, and according to safety certification grade needed for resource type configuration, while from user authentication information sensing module
User's current state is obtained, and security risk assessment is carried out to current state, and assessment result is fed back to safety certification grade
In configuration, not only meet resource type but also can be with the reliable convenient authentication mode of dynamic sensing current risk to provide.
Combined crosswise certification decision can biological characteristic to each classification and non-biometric information identify, passing through
Multiple recognition results are provided after overmatching respectively, all recognition results obtained are merged, to obtain fusion results, to melting
It closes result and carries out decision, and provide the authentication result of active user according to the result of decision.
Statistical analysis module, for monitoring and the authentication scenario of counting user, and by statistic analysis result feedback to user
In intelligent authentication module, to dynamically adjust certification decision mechanism, security risk is reduced.
As shown in Fig. 2, combined crosswise authentication method of the invention, comprising:
Step 1: completing the management of userspersonal information by user basic information management module, pass through User Activity management module
The perception of user authentication information is realized in the typing and management for realizing user activity information by user authentication information sensing module;
User basic information management includes typing, editor, deletion, update etc..
Step 2: combined crosswise being carried out by user's intelligent authentication module and authenticates decision, realizes the best, most of user identity
Facilitate certification;
Step 3: it is for statistical analysis to user authentication information by statistical analysis module, and analysis result is fed back into user's intelligence
Energy authentication module, realizes the closed loop management to user authentication information.
Embodiment described above only describe the preferred embodiments of the invention, not to model of the invention
It encloses and is defined, without departing from the spirit of the design of the present invention, those of ordinary skill in the art are to technical side of the invention
The various changes and improvements that case is made should all be fallen into the protection scope that claims of the present invention determines.
Claims (7)
1. a kind of combined crosswise Verification System characterized by comprising
User basic information management module, for managing the every identity information and biological information of user;
User Activity management module, for managing the Activities information of user, including user behavior attribute information and user's row
For habits information;
User authentication information sensing module, it is perception including biological information, non-for obtaining every authentication information of user
The perception of biological information, the perception of time, the perception of location information and the perception of user activity information;
User's intelligent authentication module is analyzed by composite factor for obtaining user information and user's current state, provide mostly because
Element certification decision mechanism realizes the certification of user identity using combined crosswise certification decision;
Statistical analysis module, for monitoring and the authentication scenario of counting user, and by statistic analysis result feedback to user's intelligence
In authentication module, to dynamically adjust certification decision mechanism, security risk is reduced.
2. combined crosswise Verification System according to claim 1, it is characterised in that: the identity information includes name, property
Not, identification card number, affiliated unit, contact method;The biological information includes face, fingerprint etc. and non-biometric letter
Breath includes password/password, smart card.
3. combined crosswise Verification System according to claim 1, it is characterised in that: the family behavior property information, including
The connection IP of user, terminal seat point, terminal use time, using resource type, the user behavior habits information includes
The pressure that curve of sliding, finger apply.
4. combined crosswise Verification System according to claim 1, it is characterised in that: the perception packet of the biological information
Include the perception of face information, the perception of finger print information and the perception of voice messaging;The perception of the non-biometric information includes
The perception of password/password and certificate information;The perception of the time is provided by local or network automatic synchronization;The sense of the position
Know and is obtained by Beidou/GPS, wireless network positioning, IP positioning;The perception of the action message is passed by gyroscope, touch screen, movement
Sensor, biometric sensor provide.
5. combined crosswise Verification System according to claim 1, it is characterised in that: the dual factor anthentication decision mechanism is
According to safety certification grade and user's current state needed for resource type configuration, security risk assessment is carried out to current state,
And by assessment result feedback into the configuration of safety certification grade, not only meet resource type but also can be current with dynamic sensing to provide
The reliable convenient authentication mode of risk.
6. combined crosswise Verification System according to claim 1, it is characterised in that: the combined crosswise certification decision is used for
Biological characteristic and non-biometric information to each classification identify, are providing multiple identification knots respectively after overmatching
Fruit merges all recognition results obtained, to obtain fusion results, carries out decision to fusion results, and according to decision
As a result the authentication result of active user is provided.
7. a kind of combined crosswise authentication method, which is characterized in that comprise the following sequential steps:
(1) the every identity information and biological information for obtaining management user, complete the typing and management of userspersonal information;
(2) obtain every authentication information of user, the perception of perception, non-biometric information including biological information, when
Between perception, the perception of location information and the perception of user activity information;
(3) intelligent authentication algorithm is utilized, is analyzed by composite factor, dual factor anthentication decision mechanism is provided, using combined crosswise
It authenticates decision and realizes user identity authentication;
(4) for statistical analysis to user authentication information, and analysis result is fed back into user, it realizes to user authentication information
Closed loop management.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811278716.2A CN109274683A (en) | 2018-10-30 | 2018-10-30 | A kind of combined crosswise Verification System and its authentication method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811278716.2A CN109274683A (en) | 2018-10-30 | 2018-10-30 | A kind of combined crosswise Verification System and its authentication method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109274683A true CN109274683A (en) | 2019-01-25 |
Family
ID=65194713
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811278716.2A Pending CN109274683A (en) | 2018-10-30 | 2018-10-30 | A kind of combined crosswise Verification System and its authentication method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109274683A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111274595A (en) * | 2020-01-20 | 2020-06-12 | 北京合信力科技有限公司 | Resource access control method and device |
CN112217793A (en) * | 2020-09-07 | 2021-01-12 | 中国电力科学研究院有限公司 | Cross-system trust management system suitable for power Internet of things |
CN112671707A (en) * | 2020-11-25 | 2021-04-16 | 紫光云技术有限公司 | Multi-factor fusion authentication identity recognition model based on JWT (just-in-the-word) |
WO2021180001A1 (en) * | 2020-03-13 | 2021-09-16 | 北京三快在线科技有限公司 | Identity verification |
CN115473652A (en) * | 2022-08-25 | 2022-12-13 | 广东技术师范大学 | Identity authentication method |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105490987A (en) * | 2014-09-18 | 2016-04-13 | 江苏威盾网络科技有限公司 | Network integration identity authentication method |
CN105827641A (en) * | 2016-05-13 | 2016-08-03 | 沃通电子认证服务有限公司 | Context awareness type dynamic unified authentication method and system |
CN105871854A (en) * | 2016-04-11 | 2016-08-17 | 浙江工业大学 | Self-adaptive cloud access control method based on dynamic authorization mechanism |
CN107067486A (en) * | 2017-03-13 | 2017-08-18 | 山东科技大学 | A kind of user based on multifactor cross validation registers personal identification method |
CN107231232A (en) * | 2016-03-23 | 2017-10-03 | 阿里巴巴集团控股有限公司 | A kind of auth method and device |
CN108123926A (en) * | 2016-11-30 | 2018-06-05 | 阿里巴巴集团控股有限公司 | Identity identifying method and device and computing device |
-
2018
- 2018-10-30 CN CN201811278716.2A patent/CN109274683A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105490987A (en) * | 2014-09-18 | 2016-04-13 | 江苏威盾网络科技有限公司 | Network integration identity authentication method |
CN107231232A (en) * | 2016-03-23 | 2017-10-03 | 阿里巴巴集团控股有限公司 | A kind of auth method and device |
CN105871854A (en) * | 2016-04-11 | 2016-08-17 | 浙江工业大学 | Self-adaptive cloud access control method based on dynamic authorization mechanism |
CN105827641A (en) * | 2016-05-13 | 2016-08-03 | 沃通电子认证服务有限公司 | Context awareness type dynamic unified authentication method and system |
CN108123926A (en) * | 2016-11-30 | 2018-06-05 | 阿里巴巴集团控股有限公司 | Identity identifying method and device and computing device |
CN107067486A (en) * | 2017-03-13 | 2017-08-18 | 山东科技大学 | A kind of user based on multifactor cross validation registers personal identification method |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111274595A (en) * | 2020-01-20 | 2020-06-12 | 北京合信力科技有限公司 | Resource access control method and device |
WO2021180001A1 (en) * | 2020-03-13 | 2021-09-16 | 北京三快在线科技有限公司 | Identity verification |
CN112217793A (en) * | 2020-09-07 | 2021-01-12 | 中国电力科学研究院有限公司 | Cross-system trust management system suitable for power Internet of things |
CN112671707A (en) * | 2020-11-25 | 2021-04-16 | 紫光云技术有限公司 | Multi-factor fusion authentication identity recognition model based on JWT (just-in-the-word) |
CN115473652A (en) * | 2022-08-25 | 2022-12-13 | 广东技术师范大学 | Identity authentication method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Liang et al. | Behavioral biometrics for continuous authentication in the internet-of-things era: An artificial intelligence perspective | |
US11789699B2 (en) | Systems and methods for private authentication with helper networks | |
Mahfouz et al. | A survey on behavioral biometric authentication on smartphones | |
US11101993B1 (en) | Authentication and authorization through derived behavioral credentials using secured paired communication devices | |
US20220058255A1 (en) | Biometric authentication | |
US10303964B1 (en) | Systems and methods for high fidelity multi-modal out-of-band biometric authentication through vector-based multi-profile storage | |
CN109274683A (en) | A kind of combined crosswise Verification System and its authentication method | |
US20180082304A1 (en) | System for user identification and authentication | |
Dahia et al. | Continuous authentication using biometrics: An advanced review | |
US20160269411A1 (en) | System and Method for Anonymous Biometric Access Control | |
US20220147607A1 (en) | System and methods for implementing private identity | |
US20150242605A1 (en) | Continuous authentication with a mobile device | |
Alqarni et al. | Identifying smartphone users based on how they interact with their phones | |
Amin et al. | Biometric and traditional mobile authentication techniques: Overviews and open issues | |
Azimpourkivi et al. | Camera based two factor authentication through mobile and wearable devices | |
US11102648B2 (en) | System, method, and apparatus for enhanced personal identification | |
US11367323B1 (en) | System and method for secure pair and unpair processing using a dynamic level of assurance (LOA) score | |
El-Bendary et al. | Investigating of nodes and personal authentications utilizing multimodal biometrics for medical application of WBANs security | |
Alotaibi et al. | Transparent authentication systems for mobile device security: A review | |
Stockinger | Implicit authentication on mobile devices | |
US11269983B2 (en) | Thermally enriched multi-modal and multi-channel biometric authentication | |
Gu et al. | Secure user authentication leveraging keystroke dynamics via wi-fi sensing | |
Harinda et al. | Security & privacy implications in the placement of biometric-based ID card for Rwanda Universities | |
Fenu et al. | Leveraging continuous multi-modal authentication for access control in mobile cloud environments | |
Tanviruzzaman et al. | Your phone knows you: Almost transparent authentication for smartphones |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190125 |
|
RJ01 | Rejection of invention patent application after publication |